#+SETUPFILE: ../../../template/level-2.org
#+TITLE: Feedback for Privacy By Design Paper
#+DATE: <2019-12-28 Sat 13:53>
#+AUTHOR: vaeringjar
#+EMAIL: vaeringjar@land
#+DESCRIPTION: Feedback for Privacy By Design Using Agents and Digital Identities Controlled by their Owners.
#+KEYWORDS:

* Introduction

The handwritten annotations seem to fix some of what I would have
said, but I see one line that I think needs fixing:

"Described is an integrative identity architecture that deploys
identity agents working on behalf..."

* Using the word "Agents"

I know we talked about this already, but I still have some
reservations about using "agents". Strictly speaking it means a bot,
but I think some folks will associate it with an AI or some kind of
machine learning due to the recent popularity in that realm. I know we
also have a section that discusses both of these from Hesslie Jones,
but I don't really buy it. But "identity agents" is definitely an
improvement over "intelligent agents".

* Challenges...

> Berners-Lee has resolved to take back power from the big Internet
  players by giving users control...

I do have a feeling, though, that Big Data would rather risk the
status quo than give up their current business model.

* TODO Relevant Background

On page 3 there's a paragraph starting with "In the 2015 timeframe,
our founding team..." Did you want me to write a paragraph about worth
we have already done? I'll write about this later on, below.

* Sidebar 2

Though, contrary to my skepticism about whether Big Data would reduce
the risk, I still think there also needs to be some research into how
much Big Data companies lose versus how much they would need to invest
into something more secure. Psychologically, this might be in the same
camp as why countries are so sluggish to address global
heating/climate change.

* Figure 1

I had started working on a table for this a few months ago, but it
dropped off my priorities list. Since, by the way, I actually have had
to create an Okta account. It's too bad that Okta and Shibboleth don't
seem to federate, or if they can, the ones I use don't.

* Sidebar 4

It might be worth saying that PGP has 2 of the 3 key pairs described
for signing/verifying and encrypting/decrypting.

* Figure 3

And also related to the section, I think we could also have another
sidebar, maybe to go along with the first one about passwords. And
that is to not use passwords, and to not store any information about
someone unless it has a business purpose. Of course, for Big Data,
this is basically everything.
